[Gelöst] OpenVPN unter Fritzbox 7390 mit Freetz

Sidebar Sidebar
Upgrade 3CX to v18 and get it hosted free!
K

klausgt

Neuer User
Mitglied seit
15 Feb 2012
Beiträge
5
Punkte für Reaktionen
0
Punkte
0
Hallo,

ich habe ein Problem mit dem aktuellen Freetz Trunk auf einer Fritzbox 7390 und OpenVPN. OpenVPN ist konfiguriert und der Aufbau des VPN klappt. Vom Client aus kann ich die Netze hinter der Fritzbox erreichen. Von der Fritzbox aus ist nur der Client auf der VPN Adresse erreichbar, obwohl die Route für die Netze hinter dem Client richtig gesetzt ist.

Ich suche schon ein paar Tage an dem Problem herum und komme nicht weiter. :confused: Alles sieht für mich richtig aus. Kann mir jemand helfen?

Das Server LAN hat die Adresse 192.168.0.0, Netmask 255.255.255.0.
Der VPN nutzt das Netz 192.168.1.0, Netmask 255.255.255.0.
Der Server hat die Adresse 192.168.1.1.
Der Client verbindet sich mit der Adresse 192.168.1.10.
Das Client LAN hat die Adresse 192.168.2.1, Netmask 255.255.255.0.

Die Routing Tabelle der Fritzbox ist:
Code: 
root@fritz:/var/mod/root# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.180.1   0.0.0.0         255.255.255.255 UH        0 0          0 dsl
192.168.180.2   0.0.0.0         255.255.255.255 UH        0 0          0 dsl
84.56.141.253   0.0.0.0         255.255.255.255 UH        0 0          0 dsl
192.168.179.0   0.0.0.0         255.255.255.0   U         0 0          0 guest
192.168.2.0     192.168.1.10    255.255.255.0   UG        0 0          0 tun0
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 tun0
192.168.0.0     0.0.0.0         255.255.255.0   U         0 0          0 lan
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 lan
0.0.0.0         0.0.0.0         0.0.0.0         U         0 0          0 dsl

Code: 
root@fritz:/var/mod/root# ping 192.168.1.10
PING 192.168.1.10 (192.168.1.10): 56 data bytes
64 bytes from 192.168.1.10: seq=0 ttl=64 time=36.000 ms
64 bytes from 192.168.1.10: seq=1 ttl=64 time=36.000 ms
64 bytes from 192.168.1.10: seq=2 ttl=64 time=28.000 ms
^C
--- 192.168.1.10 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 28.000/33.333/36.000 ms

Code: 
root@fritz:/var/mod/root# ping 192.168.2.100
PING 192.168.2.100 (192.168.2.100): 56 data bytes
^C
--- 192.168.2.100 ping statistics ---
3 packets transmitted, 0 packets received, 100% packet loss
Die Server Config ist:
Code: 
root@fritz:/var/mod/root# cat /mod/etc/openvpn.conf
#  OpenVPN 2.1 Config, Thu Jan  1 01:00:49 CET 1970
proto udp
dev tun
dev-node /dev/tun
ca /tmp/flash/openvpn/ca.crt
cert /tmp/flash/openvpn/box.crt
key /tmp/flash/openvpn/box.key
dh /tmp/flash/openvpn/dh.pem
tls-server
port 1194
ifconfig 192.168.1.1 255.255.255.0
push "route-gateway 192.168.1.1"
topology subnet
push "topology subnet"
push "route 192.168.0.0 255.255.255.0"
max-clients 5
mode server
ifconfig-pool 192.168.1.10 192.168.1.20
push "route 192.168.1.1"
client-config-dir /clients_openvpn
route 192.168.2.0 255.255.255.0 192.168.1.10
push "dhcp-option WINS 192.168.0.100"
tun-mtu 1500
mssfix
verb 3
daemon
cipher BF-CBC
keepalive 10 120
status /var/log/openvpn.log
chroot /tmp/openvpn
user openvpn
group openvpn
persist-tun
persist-key

Der OpenVPN Client läuft auf einem Debian Squeeze mit ARM CPU. Der Level des Clients ist Openvpn 2.1.3-2.
Die Client Config ist:
Code: 
client
dev tun
tun-mtu 1500
proto udp
remote xxxx.dyndns.org 1194
resolv-retry infinite
nobind
user openvpn
group openvpn
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
cipher BF-CBC
verb 3
 
Zuletzt bearbeitet:
Die Route in das Netz beim Client ist über die "Erweiterte Client Config" eingetragen? Das ist erforderlich, um bei einer "Mulit-Client Konfiguration" wie bei dir den entsprechenden Befehl für den Client zu setzen ("iroute" Befehl im Cline-config-dir).
Kannst du (als ersten Test) die LAN-IP des Clients anpingen (oder ist das schon die 192.168.2.100)?
Wenn (nur) das geht muss auch noch sicher sein, dass aus Richtung des Client-LAN die Route für VPN und das Server-Lan zu dem VPN-Client gehen? Wäre automatisch gegeben, wenn der VPN-Client das Defaultgateway im Netz ist.
 
Die Route in das Netz beim Client ist über die "Erweiterte Client Config" eingetragen? Ja, ist Sie.

Die 192.168.2.100 ist die LAN-Ip des Clients. Es kommt keine Antwort wenn ich sie anpinge. Auf dem Client kommen keine Packets an. Der Packet Reveive-Counter des Interface ist unverändert. Wenn ich die VPN-Id des Clients anpinge, dann kommen Antworten und der Receive-Counter geht hoch. Für mich sieht es so aus, dass die Route zwar da ist, aber nicht verwendet wird. Firewall habe ich auf komplett auf Duchlass gestellt.

Der Client bekommt per Push eine Route für das Server Netz. Vom Client aus kann ich alle Systeme im Server LAN erreichen.
 
Gut (oder schlecht), die einfachen Fehler sind es nicht...
Könntest du (für alle Fälle) noch ein "cat /tmp/openvpn/clients_openvpn/<name des CLients im Zertifikat>" machen?
Dort müsste/sollte in etwa stehen:
Code: 
ifconfig-push 192.168.1.10 255.255.255.0
iroute 192.168.2.0 255.255.255.0

Ich würde um es "richtig" zu haben noch den IP-Pool so ändern, dass die "fest vergebene IP" (die in der erweiterten Clientkonfiguration vergeben wird, bei dir die .10) nicht auch im "ifconfig-pool" ist; der ist für Clients, die nicht eine feste IP bekommen. Das wäre noch ein möglicher "Fehler", wenn sich ein anderer Client verbindet, der diese IP bekommen hätte.

Ansonsten bleibt nur die Analyse von Logfiles auf beiden Seiten, ggf. mit höherem Wert bei "verb"...
 
root@fritz:/var/mod/root# cat /tmp/openvpn/clients_openvpn/xxxx
ifconfig-push 192.168.1.10 255.255.255.0
iroute 192.168.2.0 255.255.255.0

Ich hatte ursprünglich die feste Client Adresse außerhalb des Pools genommen. Das war teil meines Debugging eine Adresse aus dem Pool zu nehmen ;-). Ändere ich wieder zurück.
Ich versuche mal später heute die Logfiles mit "verb 5" zu ziehen und zu posten.
 
Ich habe die feste Adresse des Clients auf 192.168.1.9 verschoben. Das ist jetzt außerhalb des DHCP Ranges für andere Clients. Danach habe ich beide runtergefahren und zuerst den Server mit verb=5 und dann den Client mit verb=5 wieder gestartet. Logfiles poste ich unten. Sorry für den langen Post.

Verbindung wurde aufgebaut. Routen sind da. Aber jetzt kann ich vom Client aus nur noch die VPN Adresse des Servers pingen. Ein ping auf die LAN-Seite der Fritzbox klappt nicht. Ebenso der Zugriff auf das LAN hinter der Box. Vom Server kann ich gar nichts mehr pingen. Weder die VPN Adresse des Clients noch ein LAN Interface.

Hier die Routing Tabelle der Fritzbox:
Code: 
root@fritz:/var/mod/root# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.180.1   0.0.0.0         255.255.255.255 UH        0 0          0 dsl
192.168.180.2   0.0.0.0         255.255.255.255 UH        0 0          0 dsl
84.56.141.253   0.0.0.0         255.255.255.255 UH        0 0          0 dsl
192.168.179.0   0.0.0.0         255.255.255.0   U         0 0          0 guest
192.168.2.0     192.168.1.9     255.255.255.0   UG        0 0          0 tun0
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 tun0
192.168.0.0     0.0.0.0         255.255.255.0   U         0 0          0 lan
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 lan
0.0.0.0         0.0.0.0         0.0.0.0         U         0 0          0 dsl

Hier der Logfile des OpenVPN Servers auf der Box:
Code: 
Wed Feb 15 22:27:40 2012 us=671000 OpenVPN 2.2.2 mips-linux [SSL] [LZO2] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Feb 12 2012
Wed Feb 15 22:27:40 2012 us=671000 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Wed Feb 15 22:27:40 2012 us=767000 Diffie-Hellman initialized with 1024 bit key
Wed Feb 15 22:27:40 2012 us=775000 TLS-Auth MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed Feb 15 22:27:40 2012 us=775000 Socket Buffers: R=[135168->131072] S=[135168->131072]
Wed Feb 15 22:27:40 2012 us=791000 TUN/TAP device tun0 opened
Wed Feb 15 22:27:40 2012 us=791000 TUN/TAP TX queue length set to 100
Wed Feb 15 22:27:40 2012 us=791000 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Wed Feb 15 22:27:40 2012 us=791000 /sbin/ifconfig tun0 192.168.1.1 netmask 255.255.255.0 mtu 1500 broadcast 192.168.1.255
Wed Feb 15 22:27:40 2012 us=807000 /sbin/route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.1.9
Wed Feb 15 22:27:40 2012 us=815000 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Wed Feb 15 22:27:40 2012 us=819000 chroot to '/tmp/openvpn' and cd to '/' succeeded
Wed Feb 15 22:27:40 2012 us=819000 GID set to openvpn
Wed Feb 15 22:27:40 2012 us=819000 UID set to openvpn
Wed Feb 15 22:27:40 2012 us=819000 UDPv4 link local (bound): [undef]
Wed Feb 15 22:27:40 2012 us=819000 UDPv4 link remote: [undef]
Wed Feb 15 22:27:40 2012 us=819000 MULTI: multi_init called, r=256 v=256
Wed Feb 15 22:27:40 2012 us=823000 IFCONFIG POOL: base=192.168.1.10 size=11, ipv6=0
Wed Feb 15 22:27:40 2012 us=823000 Initialization Sequence Completed
Wed Feb 15 22:29:30 2012 us=703000 MULTI: multi_create_instance called
Wed Feb 15 22:29:30 2012 us=707000 94.217.251.130:47043 Re-using SSL/TLS context
Wed Feb 15 22:29:30 2012 us=707000 94.217.251.130:47043 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed Feb 15 22:29:30 2012 us=707000 94.217.251.130:47043 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
RWed Feb 15 22:29:30 2012 us=707000 94.217.251.130:47043 TLS: Initial packet from [AF_INET]94.217.251.130:47043, sid=076cfa7a b876b2cf
WRRWWWWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRRRRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWed Feb 15 22:29:31 2012 us=239000 94.217.251.130:47043 VERIFY OK: depth=1, /C=DE/ST=BW/L=St
Wed Feb 15 22:29:31 2012 us=243000 94.217.251.130:47043 VERIFY OK: depth=0, /C=DE/ST=BW/L=Stuttgart/O=xxxx/OU=xxxxxx/CN=xxxxx.dyndns.org/[email protected]
WRWRWRWRWWWWRWRWRWRWRWRWRWRWRRRRWRWRWRWed Feb 15 22:29:31 2012 us=439000 94.217.251.130:47043 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Feb 15 22:29:31 2012 us=439000 94.217.251.130:47043 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Feb 15 22:29:31 2012 us=439000 94.217.251.130:47043 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Feb 15 22:29:31 2012 us=439000 94.217.251.130:47043 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
WWRRWed Feb 15 22:29:31 2012 us=475000 94.217.251.130:47043 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Wed Feb 15 22:29:31 2012 us=475000 94.217.251.130:47043 [xxxx.dyndns.org] Peer Connection Initiated with [AF_INET]94.217.251.130:47043
Wed Feb 15 22:29:31 2012 us=475000 xxxx.dyndns.org/94.217.251.130:47043 MULTI_sva: pool returned IPv4=192.168.1.10, IPv6=::7fdf:2330:41:cc80:49:952c
Wed Feb 15 22:29:31 2012 us=475000 xxxx.dyndns.org/94.217.251.130:47043 MULTI: Learn: 192.168.1.10 -> xxxx.dyndns.org/94.217.251.130:47043
Wed Feb 15 22:29:31 2012 us=475000 xxxx.dyndns.org/94.217.251.130:47043 MULTI: primary virtual IP for xxxx.dyndns.org/94.217.251.130:47043: 192.168.1.10
RWed Feb 15 22:29:33 2012 us=855000 xxxx.dyndns.org/94.217.251.130:47043 PUSH: Received control message: 'PUSH_REQUEST'
Wed Feb 15 22:29:33 2012 us=859000 xxxx.dyndns.org/94.217.251.130:47043 send_push_reply(): safe_cap=960
Wed Feb 15 22:29:33 2012 us=859000 xxxx.dyndns.org/94.217.251.130:47043 SENT CONTROL [xxxx.dyndns.org]: 'PUSH_REPLY,route-gateway 192.168.1.1,topology subnet,route 192
WWWWRRRWRRWRWWRWRRWWRWRWRRWWRWRWRRWRwrWRwrWRwrWRwrWRwrWRWWRRWRWWRRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWWed Feb 15 22:40:02 2012 us=25
Wed Feb 15 22:40:02 2012 us=255000 TCP/UDP: Closing socket
Wed Feb 15 22:40:02 2012 us=255000 /sbin/route del -net 192.168.2.0 netmask 255.255.255.0
Wed Feb 15 22:40:02 2012 us=275000 ERROR: Linux route delete command failed: could not execute external program
Wed Feb 15 22:40:02 2012 us=275000 Closing TUN/TAP interface
Wed Feb 15 22:40:02 2012 us=275000 /sbin/ifconfig tun0 0.0.0.0
Wed Feb 15 22:40:02 2012 us=275000 Linux ip addr del failed: could not execute external program
Wed Feb 15 22:40:02 2012 us=327000 SIGTERM[hard,] received, process exiting

Und noch der Logfile des Clients aus dem Syslog:
Code: 
Feb 15 22:29:13 srv ovpn-client[6415]: Current Parameter Settings:
Feb 15 22:29:13 srv ovpn-client[6415]:   config = '/etc/openvpn/client.conf'
Feb 15 22:29:13 srv ovpn-client[6415]:   mode = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   persist_config = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   persist_mode = 1
Feb 15 22:29:13 srv ovpn-client[6415]:   show_ciphers = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   show_digests = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   show_engines = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   genkey = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   key_pass_file = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   show_tls_ciphers = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]: Connection profiles [default]:
Feb 15 22:29:13 srv ovpn-client[6415]:   proto = udp
Feb 15 22:29:13 srv ovpn-client[6415]:   local = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   local_port = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   remote = xxxx.dyndns.org'
Feb 15 22:29:13 srv ovpn-client[6415]:   remote_port = 1194
Feb 15 22:29:13 srv ovpn-client[6415]:   remote_float = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   bind_defined = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   bind_local = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   connect_retry_seconds = 5
Feb 15 22:29:13 srv ovpn-client[6415]:   connect_timeout = 10
Feb 15 22:29:13 srv ovpn-client[6415]:   connect_retry_max = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   socks_proxy_server = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   socks_proxy_port = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   socks_proxy_retry = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]: Connection profiles END
Feb 15 22:29:13 srv ovpn-client[6415]:   remote_random = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   ipchange = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   dev = 'tun'
Feb 15 22:29:13 srv ovpn-client[6415]:   dev_type = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   dev_node = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   lladdr = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   topology = 1
Feb 15 22:29:13 srv ovpn-client[6415]:   tun_ipv6 = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   ifconfig_local = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   ifconfig_remote_netmask = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   ifconfig_noexec = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   ifconfig_nowarn = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   shaper = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   tun_mtu = 1500
Feb 15 22:29:13 srv ovpn-client[6415]:   tun_mtu_defined = ENABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   link_mtu = 1500
Feb 15 22:29:13 srv ovpn-client[6415]:   link_mtu_defined = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   tun_mtu_extra = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   tun_mtu_extra_defined = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   fragment = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   mtu_discover_type = -1
Feb 15 22:29:13 srv ovpn-client[6415]:   mtu_test = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   mlock = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   keepalive_ping = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   keepalive_timeout = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   inactivity_timeout = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   ping_send_timeout = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   ping_rec_timeout = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   ping_rec_timeout_action = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   ping_timer_remote = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   remap_sigusr1 = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   explicit_exit_notification = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   persist_tun = ENABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   persist_local_ip = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   persist_remote_ip = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   persist_key = ENABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   mssfix = 1450
Feb 15 22:29:13 srv ovpn-client[6415]:   passtos = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   resolve_retry_seconds = 1000000000
Feb 15 22:29:13 srv ovpn-client[6415]:   username = 'openvpn'
Feb 15 22:29:13 srv ovpn-client[6415]:   groupname = 'openvpn'
Feb 15 22:29:13 srv ovpn-client[6415]:   chroot_dir = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   cd_dir = '/etc/openvpn'
Feb 15 22:29:13 srv ovpn-client[6415]:   writepid = '/var/run/openvpn.client.pid'
Feb 15 22:29:13 srv ovpn-client[6415]:   up_script = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   down_script = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   down_pre = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   up_restart = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   up_delay = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   daemon = ENABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   inetd = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   log = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   suppress_timestamps = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   nice = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   verbosity = 5
Feb 15 22:29:13 srv ovpn-client[6415]:   mute = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   gremlin = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   status_file = '/var/run/openvpn.client.status'
Feb 15 22:29:13 srv ovpn-client[6415]:   status_file_version = 1
Feb 15 22:29:13 srv ovpn-client[6415]:   status_file_update_freq = 10
Feb 15 22:29:13 srv ovpn-client[6415]:   occ = ENABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   rcvbuf = 65536
Feb 15 22:29:13 srv ovpn-client[6415]:   sndbuf = 65536
Feb 15 22:29:13 srv ovpn-client[6415]:   sockflags = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   fast_io = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   lzo = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   route_script = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   route_default_gateway = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   route_default_metric = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   route_noexec = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   route_delay = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   route_delay_window = 30
Feb 15 22:29:13 srv ovpn-client[6415]:   route_delay_defined = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   route_nopull = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   route_gateway_via_dhcp = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   max_routes = 100
Feb 15 22:29:13 srv ovpn-client[6415]:   allow_pull_fqdn = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   management_addr = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   management_port = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   management_user_pass = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   management_log_history_cache = 250
Feb 15 22:29:13 srv ovpn-client[6415]:   management_echo_buffer_size = 100
Feb 15 22:29:13 srv ovpn-client[6415]:   management_write_peer_info_file = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   management_client_user = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   management_client_group = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   management_flags = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   shared_secret_file = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   key_direction = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   ciphername_defined = ENABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   ciphername = 'BF-CBC'
Feb 15 22:29:13 srv ovpn-client[6415]:   authname_defined = ENABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   authname = 'SHA1'
Feb 15 22:29:13 srv ovpn-client[6415]:   prng_hash = 'SHA1'
Feb 15 22:29:13 srv ovpn-client[6415]:   prng_nonce_secret_len = 16
Feb 15 22:29:13 srv ovpn-client[6415]:   keysize = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   engine = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   replay = ENABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   mute_replay_warnings = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   replay_window = 64
Feb 15 22:29:13 srv ovpn-client[6415]:   replay_time = 15
Feb 15 22:29:13 srv ovpn-client[6415]:   packet_id_file = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   use_iv = ENABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   test_crypto = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   tls_server = DISABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   tls_client = ENABLED
Feb 15 22:29:13 srv ovpn-client[6415]:   key_method = 2
Feb 15 22:29:13 srv ovpn-client[6415]:   ca_file = 'ca.crt'
Feb 15 22:29:13 srv ovpn-client[6415]:   ca_path = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   dh_file = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   cert_file = 'client.crt'
Feb 15 22:29:13 srv ovpn-client[6415]:   priv_key_file = 'client.key'
Feb 15 22:29:13 srv ovpn-client[6415]:   pkcs12_file = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   cipher_list = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   tls_verify = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   tls_remote = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   crl_file = '[UNDEF]'
Feb 15 22:29:13 srv ovpn-client[6415]:   ns_cert_type = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   remote_cert_ku[i] = 160
Feb 15 22:29:13 srv ovpn-client[6415]:   remote_cert_ku[i] = 136
Feb 15 22:29:13 srv ovpn-client[6415]:   remote_cert_ku[i] = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   remote_cert_ku[i] = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   remote_cert_ku[i] = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   remote_cert_ku[i] = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   remote_cert_ku[i] = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   remote_cert_ku[i] = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   remote_cert_ku[i] = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   remote_cert_ku[i] = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   remote_cert_ku[i] = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   remote_cert_ku[i] = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   remote_cert_ku[i] = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   remote_cert_ku[i] = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   remote_cert_ku[i] = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   remote_cert_ku[i] = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   remote_cert_eku = 'TLS Web Server Authentication'
Feb 15 22:29:13 srv ovpn-client[6415]:   tls_timeout = 2
Feb 15 22:29:13 srv ovpn-client[6415]:   renegotiate_bytes = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   renegotiate_packets = 0
Feb 15 22:29:13 srv ovpn-client[6415]:   renegotiate_seconds = 3600
Feb 15 22:29:13 srv ovpn-client[6415]:   handshake_window = 60
Feb 15 22:29:14 srv ovpn-client[6415]:   transition_window = 3600
Feb 15 22:29:14 srv ovpn-client[6415]:   single_session = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   push_peer_info = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   tls_exit = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   tls_auth_file = '[UNDEF]'
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_protected_authentication = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_protected_authentication = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_protected_authentication = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_protected_authentication = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_protected_authentication = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_protected_authentication = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_protected_authentication = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_protected_authentication = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_protected_authentication = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_protected_authentication = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_protected_authentication = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_protected_authentication = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_protected_authentication = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_protected_authentication = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_protected_authentication = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_protected_authentication = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_private_mode = 00000000
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_private_mode = 00000000
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_private_mode = 00000000
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_private_mode = 00000000
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_private_mode = 00000000
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_private_mode = 00000000
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_private_mode = 00000000
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_private_mode = 00000000
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_private_mode = 00000000
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_private_mode = 00000000
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_private_mode = 00000000
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_private_mode = 00000000
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_private_mode = 00000000
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_private_mode = 00000000
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_private_mode = 00000000
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_private_mode = 00000000
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_cert_private = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_cert_private = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_cert_private = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_cert_private = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_cert_private = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_cert_private = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_cert_private = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_cert_private = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_cert_private = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_cert_private = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_cert_private = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_cert_private = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_cert_private = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_cert_private = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_cert_private = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_cert_private = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_pin_cache_period = -1
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_id = '[UNDEF]'
Feb 15 22:29:14 srv ovpn-client[6415]:   pkcs11_id_management = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   server_network = 0.0.0.0
Feb 15 22:29:14 srv ovpn-client[6415]:   server_netmask = 0.0.0.0
Feb 15 22:29:14 srv ovpn-client[6415]:   server_bridge_ip = 0.0.0.0
Feb 15 22:29:14 srv ovpn-client[6415]:   server_bridge_netmask = 0.0.0.0
Feb 15 22:29:14 srv ovpn-client[6415]:   server_bridge_pool_start = 0.0.0.0
Feb 15 22:29:14 srv ovpn-client[6415]:   server_bridge_pool_end = 0.0.0.0
Feb 15 22:29:14 srv ovpn-client[6415]:   ifconfig_pool_defined = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   ifconfig_pool_start = 0.0.0.0
Feb 15 22:29:14 srv ovpn-client[6415]:   ifconfig_pool_end = 0.0.0.0
Feb 15 22:29:14 srv ovpn-client[6415]:   ifconfig_pool_netmask = 0.0.0.0
Feb 15 22:29:14 srv ovpn-client[6415]:   ifconfig_pool_persist_filename = '[UNDEF]'
Feb 15 22:29:14 srv ovpn-client[6415]:   ifconfig_pool_persist_refresh_freq = 600
Feb 15 22:29:14 srv ovpn-client[6415]:   n_bcast_buf = 256
Feb 15 22:29:14 srv ovpn-client[6415]:   tcp_queue_limit = 64
Feb 15 22:29:14 srv ovpn-client[6415]:   real_hash_size = 256
Feb 15 22:29:14 srv ovpn-client[6415]:   virtual_hash_size = 256
Feb 15 22:29:14 srv ovpn-client[6415]:   client_connect_script = '[UNDEF]'
Feb 15 22:29:14 srv ovpn-client[6415]:   learn_address_script = '[UNDEF]'
Feb 15 22:29:14 srv ovpn-client[6415]:   client_disconnect_script = '[UNDEF]'
Feb 15 22:29:14 srv ovpn-client[6415]:   client_config_dir = '[UNDEF]'
Feb 15 22:29:14 srv ovpn-client[6415]:   ccd_exclusive = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   tmp_dir = '[UNDEF]'
Feb 15 22:29:14 srv ovpn-client[6415]:   push_ifconfig_defined = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   push_ifconfig_local = 0.0.0.0
Feb 15 22:29:14 srv ovpn-client[6415]:   push_ifconfig_remote_netmask = 0.0.0.0
Feb 15 22:29:14 srv ovpn-client[6415]:   enable_c2c = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   duplicate_cn = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   cf_max = 0
Feb 15 22:29:14 srv ovpn-client[6415]:   cf_per = 0
Feb 15 22:29:14 srv ovpn-client[6415]:   max_clients = 1024
Feb 15 22:29:14 srv ovpn-client[6415]:   max_routes_per_client = 256
Feb 15 22:29:14 srv ovpn-client[6415]:   auth_user_pass_verify_script = '[UNDEF]'
Feb 15 22:29:14 srv ovpn-client[6415]:   auth_user_pass_verify_script_via_file = DISABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   ssl_flags = 0
Feb 15 22:29:14 srv ovpn-client[6415]:   port_share_host = '[UNDEF]'
Feb 15 22:29:14 srv ovpn-client[6415]:   port_share_port = 0
Feb 15 22:29:14 srv ovpn-client[6415]:   client = ENABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   pull = ENABLED
Feb 15 22:29:14 srv ovpn-client[6415]:   auth_user_pass_file = '[UNDEF]'
Feb 15 22:29:14 srv ovpn-client[6415]: OpenVPN 2.1.3 arm-unknown-linux-gnueabi [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Oct 22 2010
Feb 15 22:29:14 srv ovpn-client[6415]: NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Feb 15 22:29:14 srv ovpn-client[6415]: /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted>
Feb 15 22:29:14 srv ovpn-client[6415]: Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Feb 15 22:29:14 srv ovpn-client[6415]: Socket Buffers: R=[112640->131072] S=[112640->131072]
Feb 15 22:29:14 srv ovpn-client[6415]: Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Feb 15 22:29:14 srv ovpn-client[6415]: Local Options String: 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Feb 15 22:29:14 srv ovpn-client[6415]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Feb 15 22:29:14 srv ovpn-client[6415]: Local Options hash (VER=V4): '3514370b'
Feb 15 22:29:14 srv ovpn-client[6415]: Expected Remote Options hash (VER=V4): '239669a8'
Feb 15 22:29:14 srv ovpn-client[6438]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Feb 15 22:29:14 srv ovpn-client[6438]: UDPv4 link local: [undef]
Feb 15 22:29:14 srv ovpn-client[6438]: UDPv4 link remote: [AF_INET]84.56.141.253:1194
Feb 15 22:29:14 srv ovpn-client[6438]: TLS: Initial packet from [AF_INET]84.56.141.253:1194, sid=a33bbc00 c813f4ca
Feb 15 22:29:15 srv ovpn-client[6438]: VERIFY OK: depth=1, /C=DE/ST=BW/L=Stuttgart/O=xxxx/CN=xxxx.dyndns.org/[email protected]
Feb 15 22:29:15 srv ovpn-client[6438]: Validating certificate key usage
Feb 15 22:29:15 srv ovpn-client[6438]: ++ Certificate has key usage  00a0, expects 00a0
Feb 15 22:29:15 srv ovpn-client[6438]: VERIFY KU OK
Feb 15 22:29:15 srv ovpn-client[6438]: Validating certificate extended key usage
Feb 15 22:29:15 srv ovpn-client[6438]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Feb 15 22:29:15 srv ovpn-client[6438]: VERIFY EKU OK
Feb 15 22:29:15 srv ovpn-client[6438]: VERIFY OK: depth=0, /C=DE/ST=BW/L=Stuttgart/O=xxxx/CN=xxxx.dyndns.org/[email protected]
Feb 15 22:29:15 srv ovpn-client[6438]: NOTE: Options consistency check may be skewed by version differences
Feb 15 22:29:15 srv ovpn-client[6438]: WARNING: 'version' is used inconsistently, local='version V4', remote='version V0 UNDEF'
Feb 15 22:29:15 srv ovpn-client[6438]: WARNING: 'dev-type' is present in local config but missing in remote config, local='dev-type tun'
Feb 15 22:29:15 srv ovpn-client[6438]: WARNING: 'link-mtu' is present in local config but missing in remote config, local='link-mtu 1541'
Feb 15 22:29:15 srv ovpn-client[6438]: WARNING: 'tun-mtu' is present in local config but missing in remote config, local='tun-mtu 1500'
Feb 15 22:29:15 srv ovpn-client[6438]: WARNING: 'proto' is present in local config but missing in remote config, local='proto UDPv4'
Feb 15 22:29:15 srv ovpn-client[6438]: WARNING: 'cipher' is present in local config but missing in remote config, local='cipher BF-CBC'
Feb 15 22:29:15 srv ovpn-client[6438]: WARNING: 'auth' is present in local config but missing in remote config, local='auth SHA1'
Feb 15 22:29:15 srv ovpn-client[6438]: WARNING: 'keysize' is present in local config but missing in remote config, local='keysize 128'
Feb 15 22:29:15 srv ovpn-client[6438]: WARNING: 'key-method' is present in local config but missing in remote config, local='key-method 2'
Feb 15 22:29:15 srv ovpn-client[6438]: WARNING: 'tls-server' is present in local config but missing in remote config, local='tls-server'
Feb 15 22:29:15 srv ovpn-client[6438]: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Feb 15 22:29:15 srv ovpn-client[6438]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Feb 15 22:29:15 srv ovpn-client[6438]: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Feb 15 22:29:15 srv ovpn-client[6438]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Feb 15 22:29:15 srv ovpn-client[6438]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Feb 15 22:29:15 srv ovpn-client[6438]: [xxxx.dyndns.org] Peer Connection Initiated with [AF_INET]84.56.141.253:1194
Feb 15 22:29:18 srv ovpn-client[6438]: SENT CONTROL [xxxx.dyndns.org]: 'PUSH_REQUEST' (status=1)
Feb 15 22:29:18 srv ovpn-client[6438]: PUSH: Received control message: 'PUSH_REPLY,route-gateway 192.168.1.1,topology subnet,route 192.168.0.0 255.255.255.0,route 192.168.1.1,dhcp-option WINS 192.168.0.100,ping 10,ping-restart 120,ifconfig 192.168.1.10 255.255.255.0'
Feb 15 22:29:18 srv ovpn-client[6438]: OPTIONS IMPORT: timers and/or timeouts modified
Feb 15 22:29:18 srv ovpn-client[6438]: OPTIONS IMPORT: --ifconfig/up options modified
Feb 15 22:29:18 srv ovpn-client[6438]: OPTIONS IMPORT: route options modified
Feb 15 22:29:18 srv ovpn-client[6438]: OPTIONS IMPORT: route-related options modified
Feb 15 22:29:18 srv ovpn-client[6438]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Feb 15 22:29:18 srv ovpn-client[6438]: ROUTE default_gateway=192.168.2.1
Feb 15 22:29:18 srv ovpn-client[6438]: TUN/TAP device tun0 opened
Feb 15 22:29:18 srv ovpn-client[6438]: TUN/TAP TX queue length set to 100
Feb 15 22:29:18 srv ovpn-client[6438]: /sbin/ifconfig tun0 192.168.1.10 netmask 255.255.255.0 mtu 1500 broadcast 192.168.1.255
Feb 15 22:29:18 srv ovpn-client[6438]: /sbin/route add -net 192.168.0.0 netmask 255.255.255.0 gw 192.168.1.1
Feb 15 22:29:18 srv ovpn-client[6438]: GID set to openvpn
Feb 15 22:29:18 srv ovpn-client[6438]: UID set to openvpn
Feb 15 22:29:18 srv ovpn-client[6438]: Initialization Sequence Completed
Feb 15 22:39:39 srv ovpn-client[6438]: event_wait : Interrupted system call (code=4)
Feb 15 22:39:39 srv ovpn-client[6438]: TCP/UDP: Closing socket
Feb 15 22:39:39 srv ovpn-client[6438]: /sbin/route del -net 192.168.0.0 netmask 255.255.255.0
Feb 15 22:39:39 srv ovpn-client[6438]: ERROR: Linux route delete command failed: external program exited with error status: 7
Feb 15 22:39:39 srv ovpn-client[6438]: Closing TUN/TAP interface
Feb 15 22:39:39 srv ovpn-client[6438]: /sbin/ifconfig tun0 0.0.0.0
Feb 15 22:39:39 srv ovpn-client[6438]: Linux ip addr del failed: external program exited with error status: 255
Feb 15 22:39:39 srv ovpn-client[6438]: SIGTERM[hard,] received, process exiting
 
Zuletzt bearbeitet:
Würdest du bitte code-Tags für solche Ausgaben verwenden?

Gruß
Oliver
 
Hui, meine Vermutung lag vermutlich richtig ;-):
Der Client hat nicht die IP aus der "erweiterten Config" bekommen, sondern aus dem Pool. Du siehst im Log, dass er nicht .9 sondern .10 bekommen hat!
Du hast mit ziemlich großer Wahrscheinlichkeit beim "Clientname" in der erweiterten Config nicht den exakten Namen des Clients aus dem CN stehen ("xxxx.dyndns.org").
 
Super! Das war das Problem. Ich hatte in der erweiterten Config nur den Hostnamen "xxxx" ohne die Domain (statt "xxxx.dyndns.org") als Clientname angegeben. Respekt und vielen Dank!
 
Um antworten zu können musst du eingeloggt sein.

Zurzeit aktive Besucher

Gesamt: 721 (Mitglieder: 43, Gäste: 678)

Neueste Beiträge

Statistik des Forums

Themen
244,834
Beiträge
2,219,155
Mitglieder
371,531
Neuestes Mitglied
P-Touch
Holen Sie sich 3CX - völlig kostenlos!
Verbinden Sie Ihr Team und Ihre Kunden Telefonie Livechat Videokonferenzen

Gehostet oder selbst-verwaltet. Für bis zu 10 Nutzer dauerhaft kostenlos. Keine Kreditkartendetails erforderlich. Ohne Risiko testen.

3CX
Für diese E-Mail-Adresse besteht bereits ein 3CX-Konto. Sie werden zum Kundenportal weitergeleitet, wo Sie sich anmelden oder Ihr Passwort zurücksetzen können, falls Sie dieses vergessen haben.
Ihr E-Mail-Adresse verifizieren

Ihr E-Mail-Adresse verifizieren

Wir haben Ihnen eine E-Mail geschickt. Klicken Sie auf die Schaltfläche im E-Mail-Text, um Ihre E-Mail-Adresse zu verifizieren – (Können Sie diese nicht finden können, dann überprüfen Sie Ihren Spam-Ordner).

IPPF im Überblick

Neueste Beiträge

Direktlinks Telefonanlage

Website-Sponsoren

3CX sponsor
KONTAKTIEREN SIE UNS BEI INTERESSE
| Style by ThemeHouse
XenPorta 2 PRO © Jason Axelrod of 8WAYRUN
Oben Unten
Zurück